Configuring the Firewall
Configuring Basic Firewall Settings
Cisco RV130/130W Wireless Multifunction VPN Router Administration Guide
Inbound (WAN to LAN/DMZ) rules restrict access to traffic entering your network,
selectively allowing only specific outside users to access specific local resources.
By default, all access from the insecure WAN side is blocked from accessing the
secure LAN, except in response to requests from the LAN or DMZ. To allow
outside devices to access services on the secure LAN, you must create a firewall
rule for each service.
If you want to allow incoming traffic, you must make the router's WAN port IP
address known to the public. This is called “exposing your host.” How you make
your address known depends on how the WAN ports are configured; for the
device, you may use the IP address if a static address is assigned to the WAN port,
or if your WAN address is dynamic, a DDNS (Dynamic DNS) name can be used.
Outbound (LAN/DMZ to WAN) rules restrict access to traffic leaving your network,
selectively allowing only specific local users to access specific outside resources.
The default outbound rule is to allow access from the secure zone (LAN) to either
the public DMZ or insecure WAN. To block hosts on the secure LAN from
accessing services on the outside (insecure WAN), you must create a firewall rule
for each service.
Configuring Basic Firewall Settings
To configure basic firewall settings:
STEP 1 Choose Firewall > Basic Settings.
STEP 2 Configure the following firewall settings:
IP Address Spoofing Protection: To protect your network against IP address spoofing, check the Enable check box.
DoS Protection: Check Enable to enable Denial of Service protection.
Block WAN Request: Blocks ping requests to the device from the WAN.
LAN/VPN Web Access: Choose the type of web access that can be used to connect to the firewall: HTTP or HTTPS (secure HTTP).
Remote Management, Remote Access, Remote Upgrade, Allowed Remote IP Address, Remote Management Port: See Configuring Remote Management.
IPv4 Multicast Passthrough (IGMP Proxy): Check Enable to enable multicast passthrough for IPv4.
IPv6 Multicast Passthrough (IGMP Proxy): Check Enable to enable multicast passthrough for IPv6.
SIP ALG: To allow Session Initiation Protocol (SIP) traffic to traverse the firewall, check the SIP ALG check box. The device supports a maximum of 256 sessions.
UPnP, Allow Users to Configure, Allow Users to Disable Internet Access: See Configuring Universal Plug and Play.
Block Java: Check to block Java applets. Java applets are small programs embedded in web pages that enable dynamic functionality of the page. A malicious applet can be used to compromise or infect computers. Enabling this setting blocks Java applets from being downloaded. Click Auto to automatically block Java, or click Manual and enter a specific port on which to block Java.
Block Cookies: Check to block cookies. Cookies are used to store session information by websites that usually require login. However, several websites use cookies to store tracking information and browsing habits. Enabling this option filters out cookies from being created by a website. Many websites require that cookies be accepted in order for the site to be accessed properly. Blocking cookies can cause many websites to not function properly. Click Auto to automatically block cookies, or click Manual and enter a specific port on which to block cookies.
Block ActiveX: Check to block ActiveX content. Similar to Java applets, ActiveX controls are installed on a Windows computer while running Internet Explorer. A malicious ActiveX control can be used to compromise or infect computers. Enabling this setting blocks ActiveX applets from being downloaded. Click Auto to automatically block ActiveX, or click Manual and enter a specific port on which to block ActiveX.
Block Proxy: Check to block proxy servers. A proxy server (or proxy) allows computers to route connections to other computers through the proxy, thus circumventing certain firewall rules. For example, if connections to a specific IP address are blocked by a firewall rule, the requests can be routed through a proxy that is not blocked by the rule, rendering the restriction ineffective. Enabling this feature blocks proxy servers. Click Auto to automatically block proxy servers, or click Manual and enter a specific port on which to block proxy servers.
STEP 3 Click Save.
Configuring Remote Management
You can enable remote management so that you can access the device from a
remote WAN network.
To configure remote management, configure these settings on the Basic Settings page:
CAUTION: When remote management is enabled, the router is accessible to anyone who knows its IP address. Because a malicious WAN user can reconfigure the device and misuse it, it is highly recommended that you change the administrator and any guest passwords before continuing.
Remote Management: Check Enable to enable remote management.
Remote Access: Choose the type of web access that can be used to connect to the firewall: HTTP or HTTPS (secure HTTP).
Remote Upgrade: To allow remote upgrades of the device, check Enable.
Allowed Remote IP Address: Click the Any IP Address button to allow remote management from any IP address, or enter a specific IP address in the address field.
Remote Management Port: Enter the port on which remote access is allowed. The default port is 443. When remotely accessing the router, you must enter the remote management port as part of the IP address. For example: https://<remote-ip>:<remote-port>, or https://168.10.1.11:443
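The following check is an added example, not part of the Cisco guide or the router's software: it reviews the remote management settings above for the exposure the CAUTION describes. The dictionary layout is an assumption (values transcribed by hand from the Basic Settings page, not a router export format), and the sample configurations are constructed.

```python
import ipaddress

ANY_IP = "Any IP Address"  # label of the GUI button that lifts the source restriction

def audit_remote_management(s):
    """Return (severity, message) findings for one router's transcribed settings."""
    if not s.get("Remote Management"):
        return []  # management is not offered on the WAN side
    findings = []
    if str(s.get("Remote Access", "")).upper() != "HTTPS":
        findings.append(("high", "Remote Access is not HTTPS: "
                         "the admin login crosses the WAN unencrypted"))
    # A missing value is treated as unrestricted (conservative assumption).
    allowed = s.get("Allowed Remote IP Address", ANY_IP)
    if allowed == ANY_IP:
        findings.append(("high", "Any IP Address is selected: "
                         "every WAN host can reach the login page"))
    else:
        try:
            ipaddress.ip_address(allowed)
        except ValueError:
            findings.append(("high", f"Allowed Remote IP Address {allowed!r} "
                             "is not a valid IP address"))
    if s.get("Remote Upgrade"):
        findings.append(("medium", "Remote Upgrade is enabled: "
                         "firmware can be replaced from the WAN side"))
    port = s.get("Remote Management Port", 443)  # 443 is the documented default
    if not isinstance(port, int) or not 1 <= port <= 65535:
        findings.append(("high", f"Remote Management Port {port!r} "
                         "is not a valid TCP port"))
    return findings

# Constructed sample inputs (not taken from a real device).
EXPOSED = {"Remote Management": True, "Remote Access": "HTTP",
           "Remote Upgrade": True, "Allowed Remote IP Address": ANY_IP,
           "Remote Management Port": 443}
RESTRICTED = {"Remote Management": True, "Remote Access": "HTTPS",
              "Remote Upgrade": False,
              "Allowed Remote IP Address": "168.10.1.11",
              "Remote Management Port": 443}
DISABLED = {"Remote Management": False}

if __name__ == "__main__":
    for name, cfg in (("exposed", EXPOSED), ("restricted", RESTRICTED),
                      ("disabled", DISABLED)):
        for severity, message in audit_remote_management(cfg) or [("ok", "no findings")]:
            print(f"{name}: [{severity}] {message}")
```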
Configuring Universal Plug and Play
Universal Plug and Play (UPnP) allows automatic discovery of devices that can communicate with the device.
To configure UPnP, configure these settings on the Basic Settings page:
UPnP: Check Enable to enable UPnP.
Allow Users to Configure: Check this box to allow UPnP port-mapping rules to be set by users who have UPnP support enabled on their computers or other UPnP-enabled devices. If disabled, the device does not allow the application to add the forwarding rule.
Allow Users to Disable Internet Access: Check this box to allow users to disable Internet access.
Managing Firewall Schedules
You can create firewall schedules to apply firewall rules on specific days or at specific times of the day.
Adding or Editing a Firewall Schedule
To create or edit a schedule:
STEP 1 Choose Firewall > Schedule Management.
STEP 2 Click Add Row.
STEP 3 In the Name field, enter a unique name to identify the schedule. This name is available on the Firewall Rule Configuration page in the Select Schedule list. (See Configuring Access Rules.)
STEP 4 In the Scheduled Days section, choose if you want to apply the schedule to All days or Specific Days. If you choose Specific Days, check the box next to the days that you want to include in the schedule.
STEP 5 In the Scheduled Time of Day section, choose the time when you want the schedule to apply. If you choose Specific Time, enter the start and end times.
STEP 6 Click Save.